[mythtv-users] Usefulness of firewall (Was: firewalld settings to allow mythtv to work?)

Mike Perkins mikep at randomtraveller.org.uk
Thu Aug 11 08:41:41 UTC 2022


On 11/08/2022 00:18, James wrote:
> 
> 
>> On 10 Aug 2022, at 11:33 pm, Simon <linux at thehobsons.co.uk> wrote:
>>
>>> If you have a modem/router and you are running an ipv4 network at home then any firewall within your network is totally without any value what so ever.
>>
>> I disagree - (almost) totally.
> 
> Actually I agree (I had not considered SOUP)
> 
> Stephens comment
> 
>> I have a separate IoT subnet where I put all my untrusted devices.
>> That subnet has Internet access, but the only access it has to the
>> rest of my network is to the DNS and NTP servers - anything else is
>> blocked.  The parts of my network that are trusted can talk to the IoT
>> subnet to access the devices as required.  The WiFi SSID on the IoT
>> subnet is set up to disallow devices from talking to each other.
> 
> But I need to think, offhand I don't see the ubiquitous modem/router being flexible enough to achieve this.
> 
> James
> 
Most domestic modem/router combinations are very rudimentary and provide limited flexibility if at all.

Most or all assume that access is going to be via wifi and that just wouldn't work around here. I 
can easily see >20 other ISP-provided router/modems most of the time. Why bother when the house is 
already wired and I don't need to spray my mythtv sessions around the neighborhood?

That's why I ended up building my own with a mini-ITX board and pfSense. It has six ports and the 
GUI is far more flexible than any of the other options I have tried in the past.

In my case I can hang this off the ADSL adaptor but, if that didn't work, I could just hang it off 
the single 1Ghz port provided by the ISP modem.

-- 

Mike Perkins



More information about the mythtv-users mailing list